Linux

13164 readers

845 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

security and blobs (blog.lx.oliva.nom.br)

submitted 1 month ago by cm0002 to c/linux@programming.dev

1 comments fedilink hide all child comments

Linux-libre turned 18 recently, and I'm told there are still some people who try to pass as security experts who disapprove of the refusal to load binary blobs that claim to fix security problems.

I kind of understand the appeal of security bug fixes, but delivering them in the form of binary blobs mean that the one who accepts them has to trust them blindly and to give up any pretense of security from the vendor, and that seems to be a problem that many pretense security conscious minds seem to disregard, for whatever reason

top 1 comments

sorted by: hot top controversial new old

[–] Neptr@lemmy.blahaj.zone 3 points 1 month ago

They disregard the risk from the vendor because you are already using their hardware. The hardware has firmware already included which is proprietary, the hardware itself is proprietary, and hardware effectively runs as root anyways. You should already trust your hardware or you shouldn't be using it. Linux-libre is a purity test, that is it. It is security theater which actually, definitely, really makes you vulnerable without doing anything meaningful. The only time it makes any sense is if you only use open source hardware.